recog 2.3.20 → 2.3.23
- checksums.yaml +4 -4
- data/.github/dependabot.yml +8 -0
- data/.github/workflows/ci.yml +1 -1
- data/.github/workflows/verify.yml +89 -0
- data/.vscode/bin/monitor-recog-fingerprints.sh +54 -0
- data/.vscode/extensions.json +5 -0
- data/.vscode/settings.json +8 -0
- data/.vscode/tasks.json +77 -0
- data/CONTRIBUTING.md +8 -0
- data/README.md +17 -0
- data/bin/recog_standardize +28 -13
- data/bin/recog_verify +42 -8
- data/cpe-remap.yaml +62 -3
- data/features/data/schema_failure.xml +4 -0
- data/features/data/tests_with_failures.xml +6 -0
- data/features/support/hooks.rb +9 -0
- data/features/verify.feature +85 -21
- data/identifiers/fields.txt +6 -5
- data/identifiers/hw_device.txt +8 -0
- data/identifiers/hw_family.txt +8 -0
- data/identifiers/hw_product.txt +54 -0
- data/identifiers/os_device.txt +2 -0
- data/identifiers/os_family.txt +2 -0
- data/identifiers/os_product.txt +18 -2
- data/identifiers/service_product.txt +26 -0
- data/identifiers/vendor.txt +62 -1
- data/lib/recog/db.rb +2 -1
- data/lib/recog/fingerprint.rb +33 -6
- data/lib/recog/fingerprint_parse_error.rb +10 -0
- data/lib/recog/nizer.rb +1 -82
- data/lib/recog/verifier.rb +9 -9
- data/lib/recog/verify_reporter.rb +17 -6
- data/lib/recog/version.rb +1 -1
- data/requirements.txt +1 -1
- data/spec/data/external_example_fingerprint/hp_printer_ex_01.txt +1 -0
- data/spec/data/external_example_fingerprint/hp_printer_ex_02.txt +1 -0
- data/spec/data/external_example_fingerprint.xml +8 -0
- data/spec/data/external_example_illegal_path_fingerprint.xml +7 -0
- data/spec/lib/fingerprint_self_test_spec.rb +1 -0
- data/spec/lib/recog/db_spec.rb +84 -61
- data/spec/lib/recog/fingerprint_spec.rb +4 -4
- data/spec/lib/recog/verify_reporter_spec.rb +73 -4
- data/tools/dev/hooks/pre-commit +21 -0
- data/update_cpes.py +130 -37
- data/xml/apache_os.xml +98 -56
- data/xml/architecture.xml +15 -1
- data/xml/dhcp_vendor_class.xml +206 -0
- data/xml/dns_versionbind.xml +26 -13
- data/xml/favicons.xml +236 -47
- data/xml/fingerprints.xsd +9 -1
- data/xml/ftp_banners.xml +213 -197
- data/xml/h323_callresp.xml +101 -101
- data/xml/hp_pjl_id.xml +84 -84
- data/xml/html_title.xml +715 -45
- data/xml/http_cookies.xml +143 -80
- data/xml/http_servers.xml +510 -310
- data/xml/http_wwwauth.xml +177 -75
- data/xml/imap_banners.xml +10 -10
- data/xml/mdns_device-info_txt.xml +421 -26
- data/xml/mysql_banners.xml +3 -2
- data/xml/nntp_banners.xml +12 -9
- data/xml/ntp_banners.xml +97 -97
- data/xml/operating_system.xml +98 -83
- data/xml/pop_banners.xml +27 -27
- data/xml/rsh_resp.xml +3 -3
- data/xml/sip_banners.xml +46 -8
- data/xml/sip_user_agents.xml +180 -27
- data/xml/smb_native_lm.xml +5 -5
- data/xml/smb_native_os.xml +28 -25
- data/xml/smtp_banners.xml +258 -254
- data/xml/smtp_ehlo.xml +1 -1
- data/xml/smtp_help.xml +11 -11
- data/xml/smtp_noop.xml +2 -2
- data/xml/snmp_sysdescr.xml +1554 -1429
- data/xml/snmp_sysobjid.xml +27 -27
- data/xml/ssh_banners.xml +27 -20
- data/xml/telnet_banners.xml +256 -57
- data/xml/tls_jarm.xml +48 -6
- data/xml/x11_banners.xml +3 -3
- data/xml/x509_issuers.xml +69 -2
- data/xml/x509_subjects.xml +144 -33
- metadata +24 -4
- data/lib/recog/verifier_factory.rb +0 -13
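--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: a185ae988081b761341e8b8799c23feb5eb2ab85c2da2ce63fffe4f2d7ddcac3
+data.tar.gz: 89e4ab65e87d190c3ea276d18771edd9c6fc75cb5a0863440be61d165ae5b80c
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ff83575470bf78d4e5a5c464e0dfeb12ac310ecc856fde6919bf3f7a5e3ba9b69d2be479f9a0cab4cc2c03f7babb6f21673d7015d5cf3182587f86ab3f45f0cf
+data.tar.gz: 68a7dad6b6cbafc8dac0ac46a0ae7aab6f64c0095c314fa126da107f05b3befff3e4f9f2af41836aa96437746dceeb17718927acc824d842cb9f4a56b234da34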
data/.github/workflows/ci.yml
CHANGED
@@ -0,0 +1,89 @@
|
|
1
|
+
name: Verify
|
2
|
+
|
3
|
+
on:
|
4
|
+
push:
|
5
|
+
branches:
|
6
|
+
- master
|
7
|
+
paths:
|
8
|
+
- 'xml/**.xml'
|
9
|
+
pull_request:
|
10
|
+
paths:
|
11
|
+
- 'xml/**.xml'
|
12
|
+
|
13
|
+
jobs:
|
14
|
+
standardize:
|
15
|
+
name: 'Standardize'
|
16
|
+
runs-on: ubuntu-latest
|
17
|
+
strategy:
|
18
|
+
fail-fast: false
|
19
|
+
|
20
|
+
steps:
|
21
|
+
- uses: actions/checkout@v2
|
22
|
+
- uses: ruby/setup-ruby@v1
|
23
|
+
with:
|
24
|
+
bundler-cache: true # runs 'bundle install' and caches installed gems automatically
|
25
|
+
- name: Run recog standardize
|
26
|
+
run: bundle exec bin/recog_standardize xml/*.xml
|
27
|
+
ruby-verify:
|
28
|
+
name: 'Ruby Verify'
|
29
|
+
runs-on: ubuntu-latest
|
30
|
+
strategy:
|
31
|
+
fail-fast: false
|
32
|
+
|
33
|
+
steps:
|
34
|
+
- name: Checkout Ruby implementation
|
35
|
+
uses: actions/checkout@v2
|
36
|
+
- uses: ruby/setup-ruby@v1
|
37
|
+
with:
|
38
|
+
bundler-cache: true # runs 'bundle install' and caches installed gems automatically
|
39
|
+
- name: Run recog verify
|
40
|
+
run: bundle exec recog_verify --schema-location xml/fingerprints.xsd --no-warnings xml/*.xml
|
41
|
+
java-verify:
|
42
|
+
name: 'Java Verify'
|
43
|
+
runs-on: ubuntu-latest
|
44
|
+
strategy:
|
45
|
+
fail-fast: false
|
46
|
+
|
47
|
+
steps:
|
48
|
+
- name: Checkout Java implementation
|
49
|
+
uses: actions/checkout@v2
|
50
|
+
with:
|
51
|
+
repository: rapid7/recog-java
|
52
|
+
- name: Checkout recog content
|
53
|
+
uses: actions/checkout@v2
|
54
|
+
with:
|
55
|
+
path: recog-content
|
56
|
+
- uses: actions/setup-java@v2
|
57
|
+
with:
|
58
|
+
distribution: zulu
|
59
|
+
java-version: '17'
|
60
|
+
- name: Cache Maven packages
|
61
|
+
uses: actions/cache@v2
|
62
|
+
with:
|
63
|
+
path: ~/.m2
|
64
|
+
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
|
65
|
+
restore-keys: ${{ runner.os }}-m2
|
66
|
+
- name: Build with Maven
|
67
|
+
run: mvn --batch-mode --no-transfer-progress install -Dmaven.antrun.skip=true -DskipTests
|
68
|
+
- name: Run recog verify
|
69
|
+
run: mvn --batch-mode --no-transfer-progress --projects recog-verify exec:java -Dexec.mainClass="com.rapid7.recog.verify.RecogVerifier" -Dexec.args="--no-warnings recog-content/xml/*.xml"
|
70
|
+
go-verify:
|
71
|
+
name: 'Go Verify'
|
72
|
+
runs-on: ubuntu-latest
|
73
|
+
strategy:
|
74
|
+
fail-fast: false
|
75
|
+
|
76
|
+
steps:
|
77
|
+
- name: Checkout Go implementation
|
78
|
+
uses: actions/checkout@v2
|
79
|
+
with:
|
80
|
+
repository: RumbleDiscovery/recog-go
|
81
|
+
- name: Checkout recog content
|
82
|
+
uses: actions/checkout@v2
|
83
|
+
with:
|
84
|
+
path: recog-content
|
85
|
+
- uses: actions/setup-go@v2
|
86
|
+
with:
|
87
|
+
go-version: '^1.17.1'
|
88
|
+
- name: Run recog verify
|
89
|
+
run: go run cmd/recog_verify/main.go recog-content/xml/
|
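Review bot: The `java-verify` and `go-verify` jobs check out `rapid7/recog-java` and `RumbleDiscovery/recog-go` without a `ref:`, so each run builds and executes whatever is currently on those repositories' default branches (`mvn ... install`, `go run cmd/recog_verify/main.go`); adding `ref: <reviewed-commit-sha>` under each `with:` keeps a change in another repository from altering verification results or running unreviewed code in this pipeline. The actions are likewise referenced by mutable tags (`actions/checkout@v2`, `ruby/setup-ruby@v1`, `actions/setup-java@v2`, `actions/cache@v2`, `actions/setup-go@v2`), and pinning them to full commit SHAs closes the same gap. No `permissions:` key is set, so the token scope falls back to the repository default; these jobs only read content, so a top-level `permissions:` with `contents: read` would state that explicitly. The section header above this hunk names ci.yml, but the 89 added lines match the verify.yml entry in the file list, so the hunk most likely belongs to that file.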
@@ -0,0 +1,54 @@
|
|
1
|
+
#!/bin/bash
|
2
|
+
|
3
|
+
ARGS=()
|
4
|
+
while [[ $# -gt 0 ]]; do
|
5
|
+
case $1 in
|
6
|
+
-s|--schema-location)
|
7
|
+
VALIDATE_SCHEMA="--schema-location $2"
|
8
|
+
shift
|
9
|
+
shift
|
10
|
+
;;
|
11
|
+
-*|--*)
|
12
|
+
echo "Unknown option $1"
|
13
|
+
exit 1
|
14
|
+
;;
|
15
|
+
*)
|
16
|
+
ARGS+=("$1")
|
17
|
+
shift
|
18
|
+
;;
|
19
|
+
esac
|
20
|
+
done
|
21
|
+
set -- "${ARGS[@]}"
|
22
|
+
|
23
|
+
if [ $# -eq 0 ]
|
24
|
+
then
|
25
|
+
echo "Usage: $(basename $0) [--schema-location SCHEMA_LOCATION] <xml fingerprint directory>"
|
26
|
+
exit 1
|
27
|
+
fi
|
28
|
+
|
29
|
+
if [ ! -d "$1" ]
|
30
|
+
then
|
31
|
+
echo "The XML fingerprint file directory must be supplied."
|
32
|
+
exit 1
|
33
|
+
fi
|
34
|
+
|
35
|
+
bin/recog_verify $VALIDATE_SCHEMA "$1/*.xml"
|
36
|
+
|
37
|
+
if ! type fswatch &>/dev/null;
|
38
|
+
then
|
39
|
+
echo "'fswatch' is required to monitor fingerprint files for changes and update the editor."
|
40
|
+
echo "See: https://emcrisostomo.github.io/fswatch/ or install with:"
|
41
|
+
echo " MacOS Homebrew: brew install fswatch"
|
42
|
+
echo " Ubuntu/Debian: apt install fswatch"
|
43
|
+
echo
|
44
|
+
echo "Otherwise, you can re-run this task using the Visual Studio Code command palette"
|
45
|
+
exit 1
|
46
|
+
fi
|
47
|
+
|
48
|
+
echo "Waiting for changes..."
|
49
|
+
fswatch -0 $1 | while read -d "" event; do {
|
50
|
+
echo "Changes detected, validating: ${event}"
|
51
|
+
# TODO: VSCode doesn't support individual/incremental updates to files yet.
|
52
|
+
bin/recog_verify $VALIDATE_SCHEMA "$1/*.xml"
|
53
|
+
echo "Waiting for changes..."
|
54
|
+
}; done
|
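Review bot: `$VALIDATE_SCHEMA` is built as one string and expanded unquoted, and `fswatch -0 $1` is unquoted as well, so a schema path or fingerprint directory containing spaces is split into extra arguments; the task definition passes `${workspaceFolder}/xml`, and workspace paths with spaces are common. Holding the option in an array avoids the splitting: `VALIDATE_SCHEMA=(--schema-location "$2")`, then `bin/recog_verify "${VALIDATE_SCHEMA[@]}" "$1/*.xml"` at both call sites, and `fswatch -0 "$1" | while read -r -d "" event; do {` for the watch loop. The file header for this hunk is missing from the page; the 54 added lines match the monitor-recog-fingerprints.sh entry in the file list.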
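--- a/data/.vscode/tasks.json
+++ b/data/.vscode/tasks.json
@@ -0,0 +1,77 @@
+{
+"version": "2.0.0",
+"tasks": [
+{
+"label": "Recog Verify - Background Monitor",
+"command": ".vscode/bin/monitor-recog-fingerprints.sh",
+"args": [
+"--schema-location",
+"xml/fingerprints.xsd",
+"${workspaceFolder}/xml"
+],
+"windows": {
+"command": ""
+},
+"type": "process",
+"isBackground": true,
+"problemMatcher": {
+"owner": "recog",
+"fileLocation": [
+"absolute"
+],
+"pattern": {
+"regexp": "^(.*):(\\d+):\\s+(WARN|FAIL):\\s+(.*)$",
+"file": 1,
+"severity": 3,
+"message": 4,
+"location": 2
+},
+"background": {
+"activeOnStart": true,
+"beginsPattern": "^Changes detected",
+"endsPattern": "^Waiting for changes"
+},
+},
+"presentation": {
+"reveal": "always",
+"revealProblems": "onProblem"
+},
+"runOptions": {
+"runOn": "folderOpen"
+}
+},
+{
+"label": "Recog Verify",
+"command": "bin/recog_verify",
+"args": [
+"--schema-location",
+"xml/fingerprints.xsd",
+"${workspaceFolder}/xml/*.xml"
+],
+"windows": {
+"command": ""
+},
+"type": "process",
+"problemMatcher": {
+"owner": "recog",
+"fileLocation": [
+"absolute"
+],
+"pattern": {
+"regexp": "^(.*):(\\d+):\\s+(WARN|FAIL):\\s+(.*)$",
+"file": 1,
+"severity": 3,
+"message": 4,
+"location": 2
+}
+},
+"presentation": {
+"reveal": "always",
+"revealProblems": "onProblem"
+},
+"runOptions": {
+"runOn": "folderOpen"
+}
+}
+]
+}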
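Review bot: Both tasks set `"runOn": "folderOpen"`, so once automatic tasks are allowed for the folder, opening the repository in Visual Studio Code starts `.vscode/bin/monitor-recog-fingerprints.sh` and `bin/recog_verify` from the checked-out tree with no further action; the contributor documentation should say so, and changes to those two scripts deserve review as code that runs on contributors' machines. Running both on folder open also repeats work, because the monitor script already performs a full `recog_verify` pass before it starts watching; removing `"runOptions"` from the manual "Recog Verify" task would leave a single automatic run. The `"background"` object in the first problem matcher is followed by a trailing comma (`},` directly before the closing `}`), which strict JSON parsers reject even if the editor's own parser tolerates it.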
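--- a/data/CONTRIBUTING.md
+++ b/data/CONTRIBUTING.md
@@ -74,6 +74,12 @@ Generally, this should only need to be done once, or if you need to start over.
 git fetch --all
 ```
 
+1. Set up git hooks to help identify potential issues with your contributions:
+
+```bash
+ln -sf ../../tools/dev/hooks/pre-commit .git/hooks/pre-commit
+```
+
 [^back to top](#contributing-to-recog)
 
 ### Branch and Improve
@@ -135,6 +141,8 @@ $ echo 'OpenSSH_6.6p1 Ubuntu-2ubuntu1' | bin/recog_match xml/ssh_banners.xml -
 MATCH: {"matched"=>"OpenSSH running on Ubuntu 14.04", "service.version"=>"6.6p1", "openssh.comment"=>"Ubuntu-2ubuntu1", "service.vendor"=>"OpenBSD", "service.family"=>"OpenSSH", "service.product"=>"OpenSSH", "os.vendor"=>"Ubuntu", "os.device"=>"General", "os.family"=>"Linux", "os.product"=>"Linux", "os.version"=>"14.04", "service.protocol"=>"ssh", "fingerprint_db"=>"ssh.banner", "data"=>"OpenSSH_6.6p1 Ubuntu-2ubuntu1"}
 ```
 
+Additionally, in Visual Studio Code, there is a task (.vscode/tasks.json) which will automatically run recog_verify in the background to watch all the XML fingerprint files (under the xml/ subdirectory of this repository). Additionally, if [fswatch](https://github.com/emcrisostomo/fswatch) is installed, whenever XML fingerprint files are added or modified this task will automatically update the Visual Studio Code user interface and highlight any errors or warnings discovered through recog_verify on the correct file/line. You can also manually run the task by bringing up the Visual Studio Code command menu (cmd + shift + P on mac, or ctrl + shift + P for linux/windows) -> Tasks: Run Task -> Recog Verify). Note that in order for the task to run successfully, you must have a valid ruby installed on your PATH with the gems from `bundle install` installed using bundler for that ruby engine. JRuby is not supported as it has issues related to line numbering due to a bug in Nokogiri.
+
 [^back to top](#contributing-to-recog)
 
 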
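--- a/data/README.md
+++ b/data/README.md
@@ -76,6 +76,23 @@ The `example` string can be base64 encoded to permit the use of unprintable char
 </example>
 ````
 
+Additionally, examples can be placed in a directory with the same base name as the XML file, in the same directory as the XML file:
+
+```
+xml/services.xml
+xml/services/file1
+xml/services/file2
+...
+```
+
+They can then be loaded using the `_filename` attribute:
+
+```xml
+<example _filename="file1"/>
+```
+
+This is useful for long examples.
+
 [^back to top](#recog-a-recognition-framework)
 
 ## Contributing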
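--- a/data/bin/recog_standardize
+++ b/data/bin/recog_standardize
@@ -61,6 +61,7 @@ hw_device = load_identifiers(File.join(bdir, "hw_device.txt"))
 svc_prod = load_identifiers(File.join(bdir, "service_product.txt"))
 svc_family = load_identifiers(File.join(bdir, "service_family.txt"))
 
+missing_count = 0
 
 ARGV.each do |arg|
 Dir.glob(arg).each do |file|
@@ -70,6 +71,7 @@ ARGV.each do |arg|
 paramIndex, val = v
 if ! fields[k]
 puts "FIELD MISSING: #{k}"
+missing_count += 1
 fields[k] = true
 end
 next if paramIndex != 0
@@ -79,51 +81,61 @@ ARGV.each do |arg|
 when "os.vendor", "service.vendor", "service.component.vendor", "hw.vendor"
 if ! vendors[val]
 puts "VENDOR MISSING: #{val}"
+missing_count += 1
 vendors[val] = true
 end
 when "os.arch"
 if ! os_arch[val]
 puts "OS ARCH MISSING: #{val}"
+missing_count += 1
 os_arch[val] = true
 end
 when "os.product"
 if ! os_prod[val]
 puts "OS PRODUCT MISSING: #{val}"
+missing_count += 1
 os_prod[val] = true
 end
 when "os.family"
 if ! os_family[val]
 puts "OS FAMILY MISSING: #{val}"
+missing_count += 1
 os_family[val] = true
 end
 when "os.device"
 if ! os_device[val]
 puts "OS DEVICE MISSING: #{val}"
+missing_count += 1
 os_device[val] = true
 end
 when "hw.product"
 if ! hw_prod[val]
 puts "HW PRODUCT MISSING: #{val}"
+missing_count += 1
 hw_prod[val] = true
 end
 when "hw.family"
 if ! hw_family[val]
 puts "HW FAMILY MISSING: #{val}"
+missing_count += 1
 hw_family[val] = true
 end
 when "hw.device"
 if ! hw_device[val]
 puts "HW DEVICE MISSING: #{val}"
+missing_count += 1
 hw_device[val] = true
 end
 when "service.product", "service.component.product"
 if ! svc_prod[val]
 puts "SERVICE PRODUCT MISSING: #{val}"
+missing_count += 1
 svc_prod[val] = true
 end
 when "service.family"
 if ! svc_family[val]
 puts "SERVICE FAMILY MISSING: #{val}"
+missing_count += 1
 svc_family[val] = true
 end
 end
@@ -132,17 +144,20 @@ ARGV.each do |arg|
 end
 end
 
-
+if options.write
+# Write back the unique identifiers
+write_identifiers(vendors, File.join(bdir, "vendor.txt"))
+write_identifiers(fields, File.join(bdir, "fields.txt"))
+write_identifiers(os_arch, File.join(bdir, "os_architecture.txt"))
+write_identifiers(os_prod, File.join(bdir, "os_product.txt"))
+write_identifiers(os_family, File.join(bdir, "os_family.txt"))
+write_identifiers(os_device, File.join(bdir, "os_device.txt"))
+write_identifiers(hw_prod, File.join(bdir, "hw_product.txt"))
+write_identifiers(hw_family, File.join(bdir, "hw_family.txt"))
+write_identifiers(hw_device, File.join(bdir, "hw_device.txt"))
+write_identifiers(svc_prod, File.join(bdir, "service_product.txt"))
+write_identifiers(svc_family, File.join(bdir, "service_family.txt"))
+end
 
-
-
-write_identifiers(fields, File.join(bdir, "fields.txt"))
-write_identifiers(os_arch, File.join(bdir, "os_architecture.txt"))
-write_identifiers(os_prod, File.join(bdir, "os_product.txt"))
-write_identifiers(os_family, File.join(bdir, "os_family.txt"))
-write_identifiers(os_device, File.join(bdir, "os_device.txt"))
-write_identifiers(hw_prod, File.join(bdir, "hw_product.txt"))
-write_identifiers(hw_family, File.join(bdir, "hw_family.txt"))
-write_identifiers(hw_device, File.join(bdir, "hw_device.txt"))
-write_identifiers(svc_prod, File.join(bdir, "service_product.txt"))
-write_identifiers(svc_family, File.join(bdir, "service_family.txt"))
+exit_code = (missing_count > 0 ? 1 : 0)
+exit(exit_code)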
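Review bot: The new exit status (1 when any identifier is missing) is not documented in the visible hunks, and together with the `if options.write` guard it changes the script from always writing the identifier files and exiting 0 to a check that fails; a comment above the last two lines such as `# Non-zero exit lets CI fail when a fingerprint uses an identifier missing from identifiers/*.txt` would record the contract. The closing pair can be a single line, `exit(missing_count > 0 ? 1 : 0)`. The option parsing that defines `options.write` lies outside the hunks shown, so whether the usage text mentions the write flag or the exit status cannot be confirmed from this page.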
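--- a/data/bin/recog_verify
+++ b/data/bin/recog_verify
@@ -1,12 +1,15 @@
 #!/usr/bin/env ruby
 
 $:.unshift(File.expand_path(File.join(File.dirname(__FILE__), "..", "lib")))
+require 'nokogiri'
 require 'optparse'
 require 'ostruct'
 require 'recog'
-require 'recog/
+require 'recog/formatter'
+require 'recog/verifier'
+require 'recog/verify_reporter'
 
-options = OpenStruct.new(color: false, detail: false, quiet: false, warnings: true)
+options = OpenStruct.new(color: false, detail: false, quiet: false, warnings: true, schema: nil)
 
 option_parser = OptionParser.new do |opts|
 opts.banner = "Usage: #{$0} [options] XML_FINGERPRINT_FILE1 ..."
@@ -35,6 +38,10 @@ option_parser = OptionParser.new do |opts|
 options.warnings = o
 end
 
+opts.on("--schema-location SCHEMA_FILE", "Location of the Recog XSD file. If not specified, validation will not be run.") do |schema_file|
+options.schema = Nokogiri::XML::Schema(File.read(schema_file))
+end
+
 opts.on("-h", "--help", "Show this message.") do
 puts opts
 exit
@@ -50,14 +57,41 @@ end
 
 warnings = 0
 failures = 0
+formatter = Recog::Formatter.new(options, $stdout)
 ARGV.each do |arg|
 Dir.glob(arg).each do |file|
-
-options
-
-
-
-
+# Create a new reporter per XML file to hold context on success/warn/fails
+reporter = Recog::VerifyReporter.new(options, formatter, file)
+
+begin
+# Validate the XML database against the recog schema first, if requested
+if options.schema
+errors = options.schema.validate(Nokogiri::XML(File.read(file)))
+if errors.size > 0
+reporter.report(0) do
+errors.each do |error|
+reporter.failure(error.message, error.line)
+end
+end
+# Skip validation of individual fingerprints since the XML itself
+# is likely malformed.
+next
+end
+end
+
+# Now read the XML file directly and validate the fingerprints
+# themselves
+db = Recog::DB.new(file)
+verifier = Recog::Verifier.new(db, reporter)
+verifier.verify
+rescue Recog::FingerprintParseError => e
+reporter.failure(e.message, e.line_number)
+rescue => e
+reporter.failure(e.message)
+ensure
+failures += reporter.failure_count
+warnings += reporter.warning_count
+end
 end
 end
 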
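Review bot: `Nokogiri::XML(File.read(file))` in the schema branch parses with Nokogiri's default options, which include recovery, so a fingerprint file that is not well-formed is repaired silently before validation and the parser's own errors are never reported. Fingerprint files arrive through outside contributions, so the parse should state its settings explicitly: `errors = options.schema.validate(Nokogiri::XML(File.read(file)) { |config| config.strict.nonet })`. With `strict`, a syntax error raises and is recorded by the existing `rescue => e` branch as a failure for that file. Separately, `File.read(schema_file)` runs inside the option handler, where a wrong path probably surfaces as an unhandled exception rather than a usage message; the code that invokes the parser is outside the hunks shown, so this is hedged.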
data/cpe-remap.yaml
CHANGED
@@ -18,6 +18,9 @@ mappings:
|
|
18
18
|
vendor: altn
|
19
19
|
aruba_networks:
|
20
20
|
vendor: arubanetworks
|
21
|
+
atlassian:
|
22
|
+
products:
|
23
|
+
confluence: confluence_server
|
21
24
|
bea:
|
22
25
|
products:
|
23
26
|
weblogic: weblogic_server
|
@@ -127,6 +130,8 @@ mappings:
|
|
127
130
|
vendor: mortbay
|
128
131
|
munin:
|
129
132
|
vendor: munin-monitoring
|
133
|
+
nginx:
|
134
|
+
vendor: f5
|
130
135
|
nlnet_labs:
|
131
136
|
vendor: nlnetlabs
|
132
137
|
products:
|
@@ -140,6 +145,8 @@ mappings:
|
|
140
145
|
parallels:
|
141
146
|
products:
|
142
147
|
plesk: parallels_plesk_panel
|
148
|
+
phoenix_contact:
|
149
|
+
vendor: phoenixcontact
|
143
150
|
plesk:
|
144
151
|
vendor: parallels
|
145
152
|
proftpd_project:
|
@@ -159,6 +166,8 @@ mappings:
|
|
159
166
|
jboss_eap: jboss_enterprise_application_platform
|
160
167
|
jbossweb: jboss_web_framework_kit
|
161
168
|
red_hat_directory_server: directory_server
|
169
|
+
rundeck:
|
170
|
+
vendor: pagerduty
|
162
171
|
serv-u:
|
163
172
|
vendor: solarwinds
|
164
173
|
squid_cache:
|
@@ -180,7 +189,7 @@ mappings:
|
|
180
189
|
tor_project:
|
181
190
|
vendor: torproject
|
182
191
|
traefik_labs:
|
183
|
-
vendor:
|
192
|
+
vendor: traefik
|
184
193
|
products:
|
185
194
|
traefik_proxy: traefik
|
186
195
|
twistedmatrix:
|
@@ -197,6 +206,12 @@ mappings:
|
|
197
206
|
x.org:
|
198
207
|
products:
|
199
208
|
x.org_x11: x11
|
209
|
+
xiongmai_technology:
|
210
|
+
vendor: xiongmaitech
|
211
|
+
zaphoyd_studios:
|
212
|
+
vendor: zaphoyd
|
213
|
+
products:
|
214
|
+
websocket++: websocketpp
|
200
215
|
|
201
216
|
# The following section contains CPE operating system or 'o' remappings. These will
|
202
217
|
# ONLY be used for mapping Recog 'os' attributes.
|
@@ -208,6 +223,11 @@ mappings:
|
|
208
223
|
apple:
|
209
224
|
products:
|
210
225
|
ios: iphone_os
|
226
|
+
mac_os: macos
|
227
|
+
brocade:
|
228
|
+
vendor: broadcom
|
229
|
+
products:
|
230
|
+
fabric_os: fabric_operating_system
|
211
231
|
centos:
|
212
232
|
products:
|
213
233
|
linux: centos
|
@@ -216,6 +236,7 @@ mappings:
|
|
216
236
|
cisco:
|
217
237
|
products:
|
218
238
|
adaptive_security_appliance: adaptive_security_appliance_software
|
239
|
+
mds_9000: mds_9000_san-os
|
219
240
|
nam: network_analysis_module_software
|
220
241
|
pix: pix_firewall_software
|
221
242
|
telepresence: telepresence_video_communication_server_software
|
@@ -234,6 +255,10 @@ mappings:
|
|
234
255
|
debian:
|
235
256
|
products:
|
236
257
|
linux: debian_linux
|
258
|
+
eltex:
|
259
|
+
vendor: eltex-co
|
260
|
+
fedora_project:
|
261
|
+
vendor: fedoraproject
|
237
262
|
hp:
|
238
263
|
products:
|
239
264
|
ilo: integrated_lights-out_firmware
|
@@ -273,10 +298,12 @@ mappings:
|
|
273
298
|
ilom: integrated_lights_out_manager_firmware
|
274
299
|
palo_alto_networks:
|
275
300
|
vendor: paloaltonetworks
|
301
|
+
phoenix_contact:
|
302
|
+
vendor: phoenixcontact
|
276
303
|
red_hat:
|
277
304
|
vendor: redhat
|
278
|
-
|
279
|
-
|
305
|
+
software_house:
|
306
|
+
vendor: swhouse
|
280
307
|
sun:
|
281
308
|
products:
|
282
309
|
solaris: sunos
|
@@ -293,22 +320,54 @@ mappings:
|
|
293
320
|
vmware_esxi_server: esxi
|
294
321
|
wind_river:
|
295
322
|
vendor: windriver
|
323
|
+
xiongmai_technology:
|
324
|
+
vendor: xiongmaitech
|
296
325
|
|
297
326
|
# The following section contains CPE hardware or 'h' remappings. These will
|
298
327
|
# ONLY be used for mapping Recog 'hw' attributes.
|
299
328
|
h:
|
329
|
+
apple:
|
330
|
+
products:
|
331
|
+
imac_(retina_4k_21.5-inch_2019): imac
|
332
|
+
imac_(retina_5k_27-inch_2017): imac
|
333
|
+
imac_(retina_5k_27-inch_2019): imac
|
334
|
+
imac_(retina_5k_27-inch_2020): imac
|
335
|
+
macbook_air_(13-inch_2017): macbook_air
|
336
|
+
macbook_air_(m1_2020): macbook_air
|
337
|
+
macbook_air_(retina_13-inch_2018): macbook_air
|
338
|
+
macbook_air_(retina_13-inch_2019): macbook_air
|
339
|
+
macbook_air_(retina_13-inch_2020): macbook_air
|
340
|
+
macbook_pro_(13-inch_2018_four_thunderbolt_3_ports): macbook_pro
|
341
|
+
macbook_pro_(13-inch_2019_two_thunderbolt_3_ports): macbook_pro
|
342
|
+
macbook_pro_(13-inch_2020): macbook_pro
|
343
|
+
macbook_pro_(13-inch_m1_2020): macbook_pro
|
344
|
+
macbook_pro_(15-inch_2018): macbook_pro
|
345
|
+
macbook_pro_(15-inch_2019): macbook_pro
|
346
|
+
macbook_pro_(16-inch_2019): macbook_pro
|
347
|
+
macbook_pro_(retina_13-inch_early_2015): macbook_pro
|
348
|
+
macbook_pro_(retina_15-inch_mid_2015): macbook_pro
|
300
349
|
cisco:
|
301
350
|
products:
|
302
351
|
nam: network_analysis_module
|
303
352
|
citrix:
|
304
353
|
products:
|
305
354
|
netscaler_sdx_gateway: netscaler_sdx
|
355
|
+
eltex:
|
356
|
+
vendor: eltex-co
|
306
357
|
emc:
|
307
358
|
products:
|
308
359
|
celerra: celerra_network_attached_storage
|
309
360
|
hp:
|
310
361
|
products:
|
311
362
|
ilo: integrated_lights-out
|
363
|
+
kace:
|
364
|
+
vendor: dell
|
365
|
+
products:
|
366
|
+
k1000: kace_k1000_systems_management_appliance
|
367
|
+
phoenix_contact:
|
368
|
+
vendor: phoenixcontact
|
369
|
+
software_house:
|
370
|
+
vendor: swhouse
|
312
371
|
tandberg:
|
313
372
|
vendor: cisco
|
314
373
|
ubiquiti:
|
@@ -17,4 +17,10 @@
|
|
17
17
|
<param pos="2" name="os.version" />
|
18
18
|
<param pos="1" name="os.name" value="Bar" />
|
19
19
|
</fingerprint>
|
20
|
+
<fingerprint pattern="^(\S+) ([\d.]+)$">
|
21
|
+
<description>example with untested parameter</description>
|
22
|
+
<!-- Fail: missing example test os.version parameter -->
|
23
|
+
<example>bar 1.0</example>
|
24
|
+
<param pos="1" name="os.version" />
|
25
|
+
</fingerprint>
|
20
26
|
</fingerprints>
|